Due to these sensitive applications, networks of the like must be provided with security services like confidentiality, authentication, integrity, and authorization.
Encryption systems used in conventional communication networks typically carry out encryption methods based on cryptography for securing the communications.
More particularly, in some networks comprising nodes having to be very cost-efficient, symmetric cryptography is therefore usually applied to enable required security services. Indeed, in networks of the like, such as wireless sensor networks, nodes are typically resource-constrained, namely in terms of battery power, communication bandwidth, processing power, or memory. Security methods based on asymmetric cryptography are thus generally considered either inefficient or infeasible in such nodes.
The fundamental issue in symmetric cryptography lies in key-distribution, i.e. in the establishment of shared secrets in nodes belonging to a network and having to communicate securely. This problem is particularly eminent in WSNs, since their size can vary from tens to several tens of thousands of nodes, and their nature can be very dynamic, e.g. the network topology may not be known a priori.
Conventional key pre-distribution methods used in WSN are combinatorial methods, which consist in splitting nodes of a network into classes, and in assigning to each node a set of keys corresponding to its class. A class within the meaning of the present description corresponds to a set of elements gathered in accordance with a predetermined law such as a mathematical, arithmetical, or logical law. In such methods, nodes in a same class all share the same keys, and nodes from different classes are guaranteed to share at least one key, so as to enable communication.
However, those methods present a major drawback in terms of resiliency, since the capture of a node by an adversary implies that all the keys in the captured node key set are compromised and, consequently, communication of all nodes in that class, and even nodes in other classes using the same keys, is compromised.
In addition, some WSN application scenarios such as patient monitoring in hospitals require different security domains organized in a hierarchical manner. In such networks, sensor nodes belong to one or several security domains, depending on their level of authorization. In existing hierarchical key distribution schemes, each security domain is linked to a key distribution, thus the capture of a security domain at a low level, i.e. a security domain comprising many nodes, even if not leading to compromise the keying material of other security domains at low levels, can still break the security at higher levels.